You have a W32/FakeAlert-variant (AKA W32/FakeXPA) infection, most likely
accompanied by Vundo- and SDBot-variant infections, all of it "protected" by
a rootkit infection. The fact that none of the scanning you've done so far
detected all this is a testament to the rootkit's severity & power!
Option 1: Run a more-thorough check for hijackware, including posting the
requested logs in an appropriate forum.
Checking for/Help with Hijackware
**Seek expert assistance in
or other appropriate forums.**
Option 2: If the procedures look too complex - and there is no shame in
admitting this isn't your cup of tea - take the machine to a local,
reputable and independent (i.e., not BigBoxStoreUSA or Geek Squad) computer
Option 3: Backup your personal data, then do a format & clean install of
Windows. Please note that a Repair Install will NOT fix this!
After the clean install, you'll have the equivalent of a "new computer" so
take care of everything on the following page before otherwise connecting
the machine to the internet or a network or using a USB key that isn't
brand-new or hasn't been freshly formatted:
5 steps to help protect your new computer before you go online
Steps To Help Prevent Spyware
Security FAQ & Checklist
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002
> I am using XP professional with SP3 installed. Recently while i tried to
> update windows it is not working. I reach up to the step wherein i choose
> Express/Custom option, the udate scroll starts for few seconds and the
> message pops!
> I went through Windows knowledge base Article ID 910336 and tried to
> it. This didn't work. In the very first step i find "Autoupdate" stopped
> rather then me to stop it manually !
> I went through other posts also and tried to run all kind of scans to see
> my PC is infected. I used Norton IS 2009, Onecare Protection scan,
> malwarebyte's antimalware, Super Antispyware, MSRT March edition, SpyBot
> Search & destroy ! None of these finding any infections ! I even ran
> "ComboFix" i dont know whether i did right or wrong running "ComboFix"?
> However while running Combofix i saw it notifying me to disable "Cyber
> Defender Internet Security" i dont know where it came from ? i dont find
> installed in my PC ! Is it installed by Norton Internet Security 2009 ?
> Other associated problems...I tried to update IE8RC1 to IE8 final
> version...it also fails repeatedily. I find NIS 2009 identifying spam
> being sent from my Outlook express to various ids without my knowledge.
> happens only when i connect internet through Dial up connection ! While
> using LAN and Proxy it doesnt appear !
> So friends, i have listed here all what i can gather... just help me set
> right my Windows to get updates...and IE8 to get installed !
> Thanks for going through my long query !